feat: update org operate

2025-02-28 13:35:13 +08:00
parent 409067f13f
commit d2280f6b89
14 changed files with 542 additions and 400 deletions
--- a/src/routes/user/index.ts
+++ b/src/routes/user/index.ts
@@ -7,4 +7,6 @@ import './update.ts'

 import './init.ts'

-import './web-login.ts'
+import './web-login.ts'
+
+import './org-user/list.ts'
--- a/src/routes/user/me.ts
+++ b/src/routes/user/me.ts
@@ -72,6 +72,7 @@ app
    if (!user.checkPassword(password)) {
      ctx.throw(500, 'Password error');
    }
+    user.expireOrgs();
    const token = await user.createToken(null, loginType);
    createCookie(token, ctx);
    ctx.body = token;
--- a/src/routes/user/org-user/index.ts
+++ b/src/routes/user/org-user/index.ts
--- a/src/routes/user/org-user/list.ts
+++ b/src/routes/user/org-user/list.ts
@@ -0,0 +1,55 @@
+import { app } from '@/app.ts';
+import { User } from '@/models/user.ts';
+import { Org } from '@/models/org.ts';
+// 获取组织的用户列表
+app
+  .route({
+    path: 'org-user',
+    key: 'list',
+    middleware: ['auth'],
+  })
+  .define(async (ctx) => {
+    const tokenUser = ctx.state.tokenUser;
+    const { orgId } = ctx.query;
+    const org = await Org.findByPk(orgId);
+    if (!org) {
+      ctx.throw('组织不存在');
+    }
+    // const users = await user.getUsers();
+    ctx.body = org;
+  })
+  .addTo(app);
+
+app
+  .route({
+    path: 'org-user',
+    key: 'operate',
+    middleware: ['check-auth-admin'],
+  })
+  .define(async (ctx) => {
+    const tokenAdmin = ctx.state.tokenAdmin;
+    const tokenUser = ctx.state.tokenUser;
+    const data = ctx.query.data;
+    const { orgId, userId, action } = data;
+    const org = await Org.findByPk(orgId);
+    if (!org) {
+      ctx.throw('组织不存在');
+    }
+    const user = await User.findByPk(userId);
+    if (!user) {
+      ctx.throw('用户不存在');
+    }
+    if (user.type !== 'user') {
+      ctx.throw('用户类型错误');
+    }
+    const operateId = tokenUser.uid || tokenUser.id;
+    if (action === 'add') {
+      await org.addUser(user, { needPermission: true, role: 'user', operateId, isAdmin: !!tokenAdmin });
+    } else if (action === 'remove') {
+      await org.removeUser(user, { needPermission: true, operateId, isAdmin: !!tokenAdmin });
+    } else {
+      ctx.throw('操作错误');
+    }
+    ctx.body = 'ok';
+  })
+  .addTo(app);
--- a/src/routes/user/org.ts
+++ b/src/routes/user/org.ts
@@ -1,7 +1,6 @@
 import { app, sequelize } from '@/app.ts';
 import { Org } from '@/models/org.ts';
 import { User } from '@/models/user.ts';
-import { CustomError } from '@kevisual/router';
 import { Op } from 'sequelize';

 app
@@ -35,18 +34,19 @@ app
  .route({
    path: 'org',
    key: 'update',
-    middleware: ['auth'],
+    middleware: ['auth-admin'],
  })
  .define(async (ctx) => {
    const tokenUser = ctx.state.tokenUser;
+    // username 为org的名字，在用户表中也是唯一的
    const { username, description, id } = ctx.query.data;
    if (!username) {
-      throw new CustomError('username is required');
+      ctx.throw('username is required');
    }
    if (id) {
      const org = await Org.findByPk(id);
      if (!org) {
-        throw new CustomError('org not found');
+        ctx.throw('org not found');
      }
      org.description = description;
      await org.save();
@@ -62,11 +62,11 @@ app
    }
    const user = await User.findByPk(tokenUser.id);
    if (!user) {
-      throw new CustomError('user not found');
+      ctx.throw('user not found');
    }
    const orgs = await user.getOrgs();
    if (!orgs.includes('admin')) {
-      throw new CustomError('Permission denied');
+      ctx.throw('Permission denied');
    }
    const newUser = await User.createOrg(username, tokenUser.id, description);
    ctx.body = {
@@ -87,17 +87,17 @@ app
    const tokenUser = ctx.state.tokenUser;
    const id = ctx.query.id;
    if (!id) {
-      throw new CustomError('id is required');
+      ctx.throw('id is required');
    }
    const org = await Org.findByPk(id);
    if (!org) {
-      throw new CustomError('org not found');
+      ctx.throw('org not found');
    }
    const username = org.username;
    const users = org.users;
    const owner = users.find((u) => u.role === 'owner');
    if (owner.uid !== tokenUser.id) {
-      throw new CustomError('Permission denied');
+      ctx.throw('Permission denied');
    }
    await org.destroy({ force: true });
    const orgUser = await User.findOne({
@@ -118,36 +118,21 @@ app
    const tokenUser = ctx.state.tokenUser;
    const id = ctx.query.id;
    if (!id) {
-      throw new CustomError('id is required');
+      ctx.throw('id is required');
    }
    const org = await Org.findByPk(id);
    if (!org) {
-      throw new CustomError('org not found');
+      ctx.throw('org not found');
    }
    const usersIds = org.users;
    const me = usersIds.find((u) => u.uid === tokenUser.id);
    if (!me) {
-      throw new CustomError('Permission denied');
+      ctx.throw('Permission denied');
    }
-    const _users = await User.findAll({
-      where: {
-        id: {
-          [Op.in]: usersIds.map((u) => u.uid),
-        },
-      },
-    });
-
-    const users = _users.map((u) => {
-      const role = usersIds.find((r) => r.uid === u.id)?.role;
-      return {
-        id: u.id,
-        username: u.username,
-        role: role,
-      };
-    });
+    const orgGetUser = await org.getUsers();
    ctx.body = {
      org,
-      users,
+      users: orgGetUser.users,
    };
  })
  .addTo(app);